From fd35a7baa77ea1ca5f842bca63bee3f5aeee2f02 Mon Sep 17 00:00:00 2001 From: Aki Tuomi Date: Thu, 13 Aug 2020 11:36:08 +0300 Subject: [PATCH] global: Disable undefined behaviour sanitization for select locations --- src/auth/crypt-blowfish.c | 4 +++- src/lib-http/http-client-peer.c | 4 ++-- src/lib-otp/otp-parse.c | 3 ++- src/lib/bits.h | 15 ++++++++++----- src/lib/buffer.c | 4 +++- src/lib/data-stack.c | 3 ++- src/lib/hash.c | 9 ++++++--- src/lib/md4.c | 6 +++++- src/lib/md5.c | 5 ++++- src/lib/strnum.c | 4 ++-- src/lib/test-bits.c | 6 ++++-- 11 files changed, 43 insertions(+), 20 deletions(-) diff --git a/src/auth/crypt-blowfish.c b/src/auth/crypt-blowfish.c index 0530198ef5..ee94317969 100644 --- a/src/auth/crypt-blowfish.c +++ b/src/auth/crypt-blowfish.c @@ -640,7 +640,9 @@ static const unsigned char flags_by_subtype[26] = {2, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 4, 0}; -static char *BF_crypt(const char *key, const char *setting, +static char * ATTR_NO_SANITIZE_UNDEFINED ATTR_NO_SANITIZE_INTEGER + ATTR_NO_SANITIZE_IMPLICIT_CONVERSION +BF_crypt(const char *key, const char *setting, char *output, size_t size, BF_word min) { diff --git a/src/lib-http/http-client-peer.c b/src/lib-http/http-client-peer.c index f8c2ecb42e..d11159f869 100644 --- a/src/lib-http/http-client-peer.c +++ b/src/lib-http/http-client-peer.c @@ -33,8 +33,8 @@ http_client_peer_connection_failed_pool(struct http_client_peer *peer, * Peer address */ -unsigned int http_client_peer_addr_hash -(const struct http_client_peer_addr *peer) +unsigned int ATTR_NO_SANITIZE_INTEGER +http_client_peer_addr_hash(const struct http_client_peer_addr *peer) { unsigned int hash = (unsigned int)peer->type; diff --git a/src/lib-otp/otp-parse.c b/src/lib-otp/otp-parse.c index 4c68628478..70b6940519 100644 --- a/src/lib-otp/otp-parse.c +++ b/src/lib-otp/otp-parse.c 
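Review bot: `ATTR_NO_SANITIZE_UNDEFINED` on `BF_crypt` in src/auth/crypt-blowfish.c switches off the whole undefined-behaviour group for a function that processes the password `key` and writes into `output`, so a later bad shift, misaligned load or out-of-range index on a fixed-size array in that body would go unreported in sanitizer builds, not only the arithmetic this commit is aiming at. The same three attributes are added to `body` and `md4_final` in src/lib/md4.c and to `body` and `md5_final` in src/lib/md5.c. The macro definitions are not part of this patch, so this assumes they map to the compiler's `undefined`, `integer` and `implicit-conversion` groups; if the silenced reports are only shift or alignment findings, a narrower attribute or a small annotated helper around the offending expression would keep the remaining checks active. At minimum, a comment above each declaration should name the check that fired, for example `/* UBSan: <check name> in <expression> is intentional */`. `BF_crypt`'s body lies outside the hunk.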
@@ -74,7 +74,8 @@ int otp_read_hex(const char *data, const char **endptr, unsigned char *hash) count++; \ } while (0) -int otp_read_words(const char *data, const char **endptr, unsigned char *hash) +int ATTR_NO_SANITIZE_INTEGER +otp_read_words(const char *data, const char **endptr, unsigned char *hash) { bool space = FALSE; unsigned int len = 0, count = 0; diff --git a/src/lib/bits.h b/src/lib/bits.h index 430ae8ec3f..586b166e76 100644 --- a/src/lib/bits.h +++ b/src/lib/bits.h @@ -67,7 +67,8 @@ unsigned int bits_required64(uint64_t num) } #endif -static inline uint64_t +static inline uint64_t ATTR_NO_SANITIZE_INTEGER + ATTR_NO_SANITIZE_IMPLICIT_CONVERSION bits_rotl64(uint64_t num, unsigned int count) { const unsigned int mask = CHAR_BIT*sizeof(num) - 1; @@ -75,7 +76,8 @@ bits_rotl64(uint64_t num, unsigned int count) return (num << count) | (num >> (-count & mask)); } -static inline uint32_t +static inline uint32_t ATTR_NO_SANITIZE_INTEGER + ATTR_NO_SANITIZE_IMPLICIT_CONVERSION bits_rotl32(uint32_t num, unsigned int count) { const unsigned int mask = CHAR_BIT*sizeof(num) - 1; @@ -83,7 +85,8 @@ bits_rotl32(uint32_t num, unsigned int count) return (num << count) | (num >> (-count & mask)); } -static inline uint64_t +static inline uint64_t ATTR_NO_SANITIZE_INTEGER + ATTR_NO_SANITIZE_IMPLICIT_CONVERSION bits_rotr64(uint64_t num, unsigned int count) { const unsigned int mask = CHAR_BIT*sizeof(num) - 1; @@ -91,7 +94,8 @@ bits_rotr64(uint64_t num, unsigned int count) return (num >> count) | (num << (-count & mask)); } -static inline uint32_t +static inline uint32_t ATTR_NO_SANITIZE_INTEGER + ATTR_NO_SANITIZE_IMPLICIT_CONVERSION bits_rotr32(uint32_t num, unsigned int count) { const unsigned int mask = CHAR_BIT*sizeof(num) - 1; 
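Review bot: `otp_read_words` in src/lib-otp/otp-parse.c parses caller-supplied `data` into `hash`, and with `ATTR_NO_SANITIZE_INTEGER` on the whole function the counters visible in the hunk (`len`, `count`, and the `count++` in the macro that precedes it) lose wrap detection along with whatever expression was meant to be exempted. `t_try_realloc` in src/lib/data-stack.c gets the same function-wide attribute, and there the unchecked values are allocation sizes (`size`, `last_alloc_size`, `debug_adjust`). Neither hunk says which operation is expected to wrap, so a reader cannot tell an intended wrap from a length bug the sanitizer would otherwise catch. I would put a comment at the wrapping expression, e.g. `/* wraps by design: <reason> */`, and where practical move that expression into a small annotated helper so the rest of the function stays instrumented. Both function bodies continue outside their hunks.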
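Review bot: Nothing in the rotate bodies shown in src/lib/bits.h performs a value-changing implicit conversion, so `ATTR_NO_SANITIZE_IMPLICIT_CONVERSION` on `bits_rotl64`, `bits_rotl32`, `bits_rotr64` and `bits_rotr32` looks broader than needed. The visible operations are the shifts on `num` and the unary minus in `(-count & mask)`. One line of each body falls between the hunks and is not shown, so this should be confirmed against the full file. Because these are `static inline` functions in a header, the suppression is compiled into every file that includes it, which is a reason to keep it to the minimum that silences the actual report. I would drop the second attribute if the sanitizer run stays clean without it, and add `/* -count on unsigned wraps by design: (width - count) mod width */` next to the expression.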
@@ -143,7 +147,8 @@ bits_fraclog_bucket_start(unsigned int bucket, unsigned int fracbits) unsigned int bandstart = fracoffs1 << (bandnum - 1); return bandstart; } -static inline unsigned int ATTR_CONST +static inline unsigned int ATTR_CONST ATTR_NO_SANITIZE_INTEGER + ATTR_NO_SANITIZE_IMPLICIT_CONVERSION bits_fraclog_bucket_end(unsigned int bucket, unsigned int fracbits) { unsigned int bandnum = bucket >> fracbits; diff --git a/src/lib/buffer.c b/src/lib/buffer.c index 41b879022e..f9a5f2659a 100644 --- a/src/lib/buffer.c +++ b/src/lib/buffer.c @@ -419,7 +419,9 @@ void buffer_verify_pool(buffer_t *_buf) } } -void buffer_truncate_rshift_bits(buffer_t *buf, size_t bits) +void ATTR_NO_SANITIZE_IMPLICIT_CONVERSION + ATTR_NO_SANITIZE_INTEGER +buffer_truncate_rshift_bits(buffer_t *buf, size_t bits) { /* no-op if it's shorten than bits in any case.. */ if (buf->used * 8 < bits) return; diff --git a/src/lib/data-stack.c b/src/lib/data-stack.c index 82887991a4..a408756b78 100644 --- a/src/lib/data-stack.c +++ b/src/lib/data-stack.c @@ -468,7 +468,8 @@ void *t_malloc0(size_t size) return mem; } -bool t_try_realloc(void *mem, size_t size) +bool ATTR_NO_SANITIZE_INTEGER +t_try_realloc(void *mem, size_t size) { size_t debug_adjust = 0, last_alloc_size; unsigned char *after_last_alloc; diff --git a/src/lib/hash.c b/src/lib/hash.c index 4b1e6a000c..76d51baaaa 100644 --- a/src/lib/hash.c +++ b/src/lib/hash.c @@ -537,7 +537,8 @@ unsigned int str_hash(const char *p) } /* a char* hash function from ASU -- from glib */ -unsigned int strcase_hash(const char *p) +unsigned int ATTR_NO_SANITIZE_INTEGER +strcase_hash(const char *p) { const unsigned char *s = (const unsigned char *)p; unsigned int g, h = 0; @@ -554,7 +555,8 @@ unsigned int strcase_hash(const char *p) return h; } -unsigned int mem_hash(const void *p, unsigned int size) +unsigned int ATTR_NO_SANITIZE_INTEGER +mem_hash(const void *p, unsigned int size) { const unsigned char *s = p; unsigned int i, g, h = 0; 
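Review bot: With `ATTR_NO_SANITIZE_INTEGER` on `buffer_truncate_rshift_bits` in src/lib/buffer.c, the guard shown in the hunk, `if (buf->used * 8 < bits) return;`, is no longer checked for wrap of `buf->used * 8`, and that comparison decides whether the truncation runs at all. The annotation was presumably added for the shifting code further down, which is outside the hunk, and a wrap here needs a very large `used`. Writing the guard without the multiplication, e.g. `if (buf->used < bits / 8 + (bits % 8 != 0 ? 1 : 0)) return;`, gives the same result for every non-wrapping input and removes the one visible place where a wrap would change control flow.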
@@ -570,7 +572,8 @@ unsigned int mem_hash(const void *p, unsigned int size) return h; } -unsigned int strfastcase_hash(const char *p) +unsigned int ATTR_NO_SANITIZE_INTEGER +strfastcase_hash(const char *p) { const unsigned char *s = (const unsigned char *)p; unsigned int g, h = 0; diff --git a/src/lib/md4.c b/src/lib/md4.c index e23b35d3fa..87228505b7 100644 --- a/src/lib/md4.c +++ b/src/lib/md4.c @@ -66,6 +66,8 @@ * the bit counters. There're no alignment requirements. */ static const void * ATTR_NOWARN_UNUSED_RESULT ATTR_UNSIGNED_WRAPS + ATTR_NO_SANITIZE_UNDEFINED ATTR_NO_SANITIZE_INTEGER + ATTR_NO_SANITIZE_IMPLICIT_CONVERSION body(struct md4_context *ctx, const void *data, size_t size) { const unsigned char *ptr; @@ -208,7 +210,9 @@ void md4_update(struct md4_context *ctx, const void *data, size_t size) memcpy(ctx->buffer, data, size); } -void md4_final(struct md4_context *ctx, unsigned char result[STATIC_ARRAY MD4_RESULTLEN]) +void ATTR_NO_SANITIZE_UNDEFINED ATTR_NO_SANITIZE_INTEGER + ATTR_NO_SANITIZE_IMPLICIT_CONVERSION +md4_final(struct md4_context *ctx, unsigned char result[STATIC_ARRAY MD4_RESULTLEN]) { /* @UNSAFE */ unsigned long used, free; diff --git a/src/lib/md5.c b/src/lib/md5.c index bd41340843..096e10fff5 100644 --- a/src/lib/md5.c +++ b/src/lib/md5.c @@ -67,6 +67,8 @@ * the bit counters. There're no alignment requirements. */ static const void * ATTR_NOWARN_UNUSED_RESULT ATTR_UNSIGNED_WRAPS + ATTR_NO_SANITIZE_UNDEFINED ATTR_NO_SANITIZE_INTEGER + ATTR_NO_SANITIZE_IMPLICIT_CONVERSION body(struct md5_context *ctx, const void *data, size_t size) { const unsigned char *ptr; @@ -222,7 +224,8 @@ md5_update(struct md5_context *ctx, const void *data, size_t size) memcpy(ctx->buffer, data, size); } -void ATTR_UNSIGNED_WRAPS +void ATTR_UNSIGNED_WRAPS ATTR_NO_SANITIZE_UNDEFINED + ATTR_NO_SANITIZE_INTEGER ATTR_NO_SANITIZE_IMPLICIT_CONVERSION md5_final(struct md5_context *ctx, unsigned char result[STATIC_ARRAY MD5_RESULTLEN]) { /* @UNSAFE */ 
diff --git a/src/lib/strnum.c b/src/lib/strnum.c index 2d0cdea317..fe1bdbca63 100644 --- a/src/lib/strnum.c +++ b/src/lib/strnum.c @@ -314,8 +314,8 @@ STR_TO_S__TEMPLATE(str_to_llong, long long, LLONG_MIN, LLONG_MAX) STR_TO_S__TEMPLATE(str_to_int32, int32_t, INT32_MIN, INT32_MAX) STR_TO_S__TEMPLATE(str_to_int64, int64_t, INT64_MIN, INT64_MAX) -int str_parse_intmax(const char *str, intmax_t *num_r, - const char **endp_r) +int ATTR_NO_SANITIZE_IMPLICIT_CONVERSION ATTR_NO_SANITIZE_INTEGER +str_parse_intmax(const char *str, intmax_t *num_r, const char **endp_r) { bool neg = FALSE; uintmax_t l; diff --git a/src/lib/test-bits.c b/src/lib/test-bits.c index 8379c0673d..86ad0f1a33 100644 --- a/src/lib/test-bits.c +++ b/src/lib/test-bits.c @@ -97,7 +97,8 @@ static void test_sum_overflows(void) test_end(); } -static void test_bits_fraclog(void) +static void ATTR_NO_SANITIZE_INTEGER ATTR_NO_SANITIZE_IMPLICIT_CONVERSION +test_bits_fraclog(void) { unsigned int fracbits; for (fracbits = 0; fracbits < 6; fracbits++) { @@ -124,7 +125,8 @@ static void test_bits_fraclog(void) /* The compiler *should* generate different code when the fracbits parameter is a compile-time constant, so we also need to check that's the case. */ -static void test_bits_fraclog_const(void) +static void ATTR_NO_SANITIZE_INTEGER ATTR_NO_SANITIZE_IMPLICIT_CONVERSION +test_bits_fraclog_const(void) { #define FRACBITS 2 #define STR2(s) #s -- 2.47.3
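Review bot: `str_parse_intmax` in src/lib/strnum.c is an input parser, and function-wide `ATTR_NO_SANITIZE_IMPLICIT_CONVERSION` plus `ATTR_NO_SANITIZE_INTEGER` removes sanitizer coverage from its range handling as well as from the one conversion that presumably triggered the report. The hunk shows `uintmax_t l` and `bool neg`, so that is likely the unsigned-to-signed negation stored into `*num_r`, but the body is outside the hunk. The implicit-conversion check reports only implicit conversions, so an explicit cast at that single statement would document the intent and may make the first attribute unnecessary. A comment there should state the precondition that makes the conversion safe, e.g. `/* safe: <range check that bounds l> */`, so that a later change to the range check is reviewed with the conversion in mind.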